Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2014:1653 Moderate CentOS 5 openssl Security Update (Johnny Hughes) 2. CEEA-2014:1649 CentOS 7 kpatch Enhancement Update (Johnny Hughes) 3. CESA-2014:1652 Important CentOS 7 openssl Security Update (Johnny Hughes) 4. CESA-2014:1653 Moderate CentOS 5 openssl Security Update (Johnny Hughes) 5. CESA-2014:1652 Important CentOS 6 openssl Security Update (Johnny Hughes) ---------------------------------------------------------------------- Message: 1 Date: Thu, 16 Oct 2014 15:21:39 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:1653 Moderate CentOS 5 openssl Security Update Message-ID: <20141016152139.GA19436 at chakra.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:1653 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1653.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 0c3787137a7d1a0402612833b173693910eb27f79e0c4f8cedf6185b4f7141f9 openssl-0.9.8e-31.el5_11.i386.rpm 5ef64e16dd1349a254a96e91cfdfdd6215fb9daa846360d2efff515bbb6a56b8 openssl-devel-0.9.8e-31.el5_11.i386.rpm b98e5df6d59eddee85d544ca35bf0b7ca469a4c7032138465189c4c7bc27e5e6 openssl-perl-0.9.8e-31.el5_11.i386.rpm x86_64: 85ee93123052e86fd4204694e3ac52fad6797b3f7009d8bce8e1f908bfed5352 openssl-0.9.8e-31.el5_11.x86_64.rpm 5ef64e16dd1349a254a96e91cfdfdd6215fb9daa846360d2efff515bbb6a56b8 openssl-devel-0.9.8e-31.el5_11.i386.rpm 11362d4d6755f5e33609a8adf6fbd0002f1343e72cd5e06ddbf2c8e99cf0d514 openssl-devel-0.9.8e-31.el5_11.x86_64.rpm 4aa6b35c036489a83a193ceb26fea4d1b5da93e7fddc08245fe59ffde0d7f509 openssl-perl-0.9.8e-31.el5_11.x86_64.rpm Source: 1741388be54beb7176f7b5d90a3ddd1be99e1fcd5296725f4999c446a30c35c5 openssl-0.9.8e-31.el5_11.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 2 Date: Thu, 16 Oct 2014 16:22:22 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CEEA-2014:1649 CentOS 7 kpatch Enhancement Update Message-ID: <20141016162222.GA58256 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Enhancement Advisory 2014:1649 Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1649.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 51d8cfeb1a49efd3d778fcbf00537076b2d68f6ebcd0098fa174cd885c29dc6a kpatch-0.1.10-3.el7_0.noarch.rpm Source: 4d7cb8146fc0433167cd8e18f439d3b3cf7748649ce21b509b501fd46cc45c58 kpatch-0.1.10-3.el7_0.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 3 Date: Thu, 16 Oct 2014 16:22:42 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:1652 Important CentOS 7 openssl Security Update Message-ID: <20141016162242.GA58353 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:1652 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1652.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 982ba4376041d2d99d4b84dc05fbeac6b925777aa34d631aceeedb598bb98413 openssl-1.0.1e-34.el7_0.6.x86_64.rpm 426ba8dc7ac74f8b71f7965ec2e6e6b398ab466dc892394e8d1d5bd80ca4a4e6 openssl-devel-1.0.1e-34.el7_0.6.i686.rpm 7fdf24148ed86f0abb2618d92741d5c8f0769de6136b4ed9df2a60b8c795abe3 openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm ebc0fc79108a67efd64da36669c90865b4a75a38b4c07a5316078edd98b65da9 openssl-libs-1.0.1e-34.el7_0.6.i686.rpm 5d0607c487922602ae315f62d9d3c0eb8ca76a65c288e6c8fc61f688dad59593 openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm 4b092081206a1140a5d2901c2f5513c8155ec2b57a05cafdd6c9011ccdde78f5 openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm d664f61543bb84773467300c726d870700584f5af616df7a9f29922822773dd8 openssl-static-1.0.1e-34.el7_0.6.i686.rpm c57075f8c198ec81db1936eb2dea8ff210de317f76047ffa601eefd8230d3bae openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm Source: 6638e94c18b6961748e7986823b7115d852b25883ccff03ec89a16234cbca517 openssl-1.0.1e-34.el7_0.6.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 4 Date: Thu, 16 Oct 2014 17:53:19 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:1653 Moderate CentOS 5 openssl Security Update Message-ID: <20141016175319.GA26372 at chakra.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:1653 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1653.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 0f38fea6d167a87276c20f5a4d56c2f41faf7fc08d9c76e28329ecadbe0de51f openssl-0.9.8e-31.el5_11.i386.rpm c9660117d38961e5388d2fd72b0a68816b2047dc828a7438b0f6a4c74da4f27b openssl-0.9.8e-31.el5_11.i686.rpm 6244227177fb88cf9db43d1ffe086014c5786f8764c1d161d7ff5c0e4b4bcb78 openssl-devel-0.9.8e-31.el5_11.i386.rpm 33e546cd8897b47e2ddf836f07ad103a2ebb2f4282cd32c7b730d39ab462b67b openssl-perl-0.9.8e-31.el5_11.i386.rpm x86_64: c9660117d38961e5388d2fd72b0a68816b2047dc828a7438b0f6a4c74da4f27b openssl-0.9.8e-31.el5_11.i686.rpm 802ed9a049e7ae8c417c2bb108348cc9bd132698e805aa68795862276a320493 openssl-0.9.8e-31.el5_11.x86_64.rpm 6244227177fb88cf9db43d1ffe086014c5786f8764c1d161d7ff5c0e4b4bcb78 openssl-devel-0.9.8e-31.el5_11.i386.rpm 70cc0ab04b906816a2b8db05603c96fb709cb45473b116c73da1e5569295672b openssl-devel-0.9.8e-31.el5_11.x86_64.rpm cd7303f6689aac1013530cc766a70b6fdae56dc3b87960ecdec567ed68bfb168 openssl-perl-0.9.8e-31.el5_11.x86_64.rpm Source: 2d15a9cccc5453a329e53986061386de39e6e512af147b84354c3473b39a957b openssl-0.9.8e-31.el5_11.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 5 Date: Thu, 16 Oct 2014 20:48:09 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:1652 Important CentOS 6 openssl Security Update Message-ID: <20141016204809.GA19739 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:1652 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- i386 ----------------------------- 5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d openssl-devel-1.0.1e-30.el6_5.2.i686.rpm dc42eb136b3cfef78d590d4ab29d36e5e5951bc9433d20d5ca633033d960a00d openssl-perl-1.0.1e-30.el6_5.2.i686.rpm 95e67f00f7d58348e5f0df6ac74d7baecb9d5fc214d58ad257a14bec353219a3 openssl-static-1.0.1e-30.el6_5.2.i686.rpm ----------------------------- X86_64 ----------------------------- 5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm 17bfdb52afcb2ebaa16875819b9d8d2f3dc84eb061ee3e194da14e286bc76029 openssl-1.0.1e-30.el6_5.2.x86_64.rpm dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d openssl-devel-1.0.1e-30.el6_5.2.i686.rpm 7c390aab888c07887fc783686f42216711665738e58c2b23029748292dd0f96d openssl-devel-1.0.1e-30.el6_5.2.x86_64.rpm dfdcf88163743d5f4fda06a69cba00b822b73ba66aa5841faf8c0e9841b91bcb openssl-perl-1.0.1e-30.el6_5.2.x86_64.rpm 0f8cc0615d96d4d7e74b5ffc109143873510406dbb6be679d4ab94bd4f731cdb openssl-static-1.0.1e-30.el6_5.2.x86_64.rpm ----------------------------- Source: ----------------------------- 1a1c3ed0d8eb5775d89b726e7f19ff2d8b52b7ef27f6e36260e83ffc40328460 openssl-1.0.1e-30.el6_5.2.src.rpm ===================================================== The following upstream security issues are addressed in this update: https://rhn.redhat.com/errata/RHSA-2014-1652.html ===================================================== NOTE: This update is released into the CentOS-6.5 tree and has a .el6_5 dist tag, *NOT* the .el6_6 dist tag that Red Hat used for RHEL in the link above. This update was built against 'CentOS-6.5 + updates' and that is where it is intended to be used. The CentOS team will build and release a openssl-1.0.1e-30.el6_6.2.src.rpm as a zero day update to CentOS-6.6 when that is released as we are currently building CentOS-6.6 from the released Red Hat Enterprise Linux sources. Please also note that even after installing this update, further action is required to mitigate the POODLE issue on CentOS-6. Please see this link for steps to take and ways to test for both the POODLE and TLS_FALLBACK_SCSV issues. http://wiki.centos.org/Security/POODLE -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ _______________________________________________ CentOS-announce mailing list CentOS-announce at centos.org http://lists.centos.org/mailman/listinfo/centos-announce End of CentOS-announce Digest, Vol 116, Issue 10 ************************************************